Security Advisory

CVE-2025-28100

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-15 00:00:00

Last updated 2025-04-16 14:22:36

Assigner mitre

State PUBLISHED

Description

A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code via not filtering the content correctly at the "operateOrder.php" id parameter.

← Browse all CVEs View on cve.org ↗